Change log for VMWARE_ESX

Date Changes
2024-07-01 Enhancement:
- Added support for a new pattern of Syslog logs.
2024-06-11 Enhancement:
- Added support for a new pattern of Syslog logs.
2024-06-03 Enhancement:
- Added support for a new pattern of JSON logs.
2024-05-09 Enhancement:
- Added support for a new pattern of "snmpd" and "Rhttpproxy" logs.
- Mapped "prod_event_type" to "metadata.product_event_type".
- Mapped "context" to "additional.fields".
2024-02-07 Bug-Fix:
- Added new Grok patterns to support SYSLOG logs that were being dropped.
- Mapped "newVersion" and "filter" to "security_result.detection_fields".
- Mapped "description" to "security_result.description".
2023-10-10 Enhancement:
Modified the following JSON key names using the gsub function:
- "service" to "serv".
- "event" to "log_event".
- "@timestamp" to "timestamp".
- "@version" to "version".
Added new Grok patterns to handle the JSON logs with new fields.
Matched the "timestamp" to "RFC 3339" and "TIMESTAMP_ISO8601" formats.
Mapped "host.hostname" to "principal.hostname".
Mapped "host.ip" to "principal.ip".
Mapped "type", "serv.type", "log.syslog.facility.code", "log.syslog.facility.name", "log.syslog.severity.code", "log.syslog.severity.name", and "log.syslog.priority" to "additional.fields".
Mapped "process.name" to "service".
Mapped "version" to "metadata.product_version".
Mapped "severity" to "security_result.severity".
2023-09-25 Enhancement:
- Added new Grok patterns to handle the new type of SYSLOG for VMware ESXi.
- Mapped "app_name" to "principal.application".
- Mapped "severity" to "security_result.severity".
2023-07-17 Bug_fix - Mapped "username" to "target.user.userid".
Mapped "pid" to "principal.process.pid".
Mapped "description" to "metadata.description".
2023-06-12 Bug_fix - Modified mapping of "session" for type "vmauthd". Mapped it to "network.session_id".
2022-09-01 Bug_fix - Unmapped principal.namespace from its hardcoded value.
2022-08-24 Enhancement - Added new date type to parse dates of format "yyyy-MM-ddTHH:mm:s".
2022-08-03 Enhancement - Added Grok patterns to handle logs with the following services: hostd, vmon, and vrops.
2022-07-26 Enhancement -
Where "service" is equal to "Rhttpproxy"
- Modified mapping for "principal.namespace" from "namespace" to "WALMART".
- Mapped "namespace" to "additional.fields".
Where "service" is equal to "crond"
- Mapped "parent_pid" to "target.process.parent_process.pid".
2022-07-05 Bugfix - Updated the parser to match the timestamp in "yyyy-MM-ddTHH:mm:ss.SSSS" format.
2022-06-13 Enhancement - Modified/added Grok patterns to handle logs with the following services: hostd, sendmail, sshd, sudo, vmcad, vmon, vpxd, vrops.
Bugfix - Modified "metadata.event_type" for 'vmauthd' logs from "USER_LOGIN" to "GENERIC_EVENT".
2022-05-02 Bugfix - As per the user requirement, changed the target.hostname mapping to principal.ip for logs whose service is "Hostd".
2022-04-13 Enhancement - Parsed logs having the following service names: hostd-probe, vmkernel, vmkwarning, Fdm, netcpa, root, hpHelper, snmpd, etc.
Mapped logstash.ingest.timestamp to metadata.ingested_timestamp,
logstash.ingest.host and logstash.process.host to intermediary.hostname, and
logstash.collect.host to observer.hostname.